Kooma,after i finish the installation and tests, i will write a wiki for it.Fail2ban seems to be the almost perfect tool against brute force attack - which is specially indicated for asterisk users.Regards,Paulo

# Read common prefixes. If any customizations available -- read them from# common.local#before = common.conf

[Definition]

#_daemon = asterisk

# Option: failregex# Notes.: regex to match the password failures messages in the logfile. The# host must be matched by a group named "host". The tag "<HOST>" can# be used for standard IP/hostname matching and is only an alias for# (?:::f{4,6}:)?(?P<host>\S+)# Values: TEXT#

Carlos,it was only for checking, because when i type iptables -L -v, i do not see the fail2ban rule, as stated in the post we both used as basis for configuration. So i thought i was doing something wrong.Thx for the help.Paulo

Put the stuff for the file /etc/fail2ban/jail.conf into /etc/fail2ban/jail.local. According to the howto in your earlier post, you're not supposed to add rules the jail.conf file but jail.local instead.

Put the stuff for the file /etc/fail2ban/jail.conf into /etc/fail2ban/jail.local. According to the howto in your earlier post, you're not supposed to add rules the jail.conf file but jail.local instead.

Sorry, i did not find any reference to jail.local in the howto. Where did you find it?BR,Paulo

It's in the comment at the top of the jail.conf file itself. My fail2ban asterisk rule didn't show when I put it in jail.conf. After I changed it to jail.local everything worked like a charm. Its already blocking some asterisk intruders for me!